Tag Archive | Trojans

Trojans

Trojan is a type of the malicious program that disguised as a legitimate software. This programs can provide unauthorized access to the user’s computer. The name came from the Ancient Geek story. The working is also like similar. The way they disguised the horse to invade the troy.

There are two components of the Trojan

Overt component: Overt component can be seen or in the form dis-tractor to the users. It comes in the games, freeware software and dis-tractor software.
Covert component: Covert component cannot be seen or is in the hidden form. It is usually perform by the hacker or pen tester to gain access to the victims computer by BackDoors, RootKits, KeyLoggers, Spyware

Different types of the Trojans

  • Virtual Network Computing Trojan (VNC)

  • HTTP(web based)

  • IRC

  • Command Shell

  • Destruction

  • Documents

  • Botnet

  • Proxy

  • Remote Access Trojan (RAT)

  • Email

  • FTP

  • GUI

  • Spam

  • Defacement

  • Mobile

Different Infections Techniques

  • Instant Messaging

  • IRC

  • Physically installing on the computer

  • Browser(Through the different script like java-script on the browsers)

  • Fake programs

  • Attachments(Through email)

  • Freeware

  • Games

Detecting the Trojan

  • Monitor the common ports used by Trojans (PORTS)

  • Check the different process whether it is legitimate or not(Running Process)

  • Scan register(Registry)

  • Monitor authorized or unauthorized drivers (Drivers)

  • Scan different services running  (Services)

  • Startup

  • Files/Folder

  • Network Activity

  • Using different scanner to detect the viruses(Scanners)

Counter Measures

  • Since though Email Attachment viruses can be transferred (Blocking the certain Email attachment)

  • Blocking certain instant messaging (shutdown Instant Messaging)

  • Security Technical Implementation Guide  (STIG)

  • Monitor traffic

  • Hardening system

  • Restricting some the port and authorizing some of the ports (Blocking Ports)

  • Patch management

  • Monitoring the system by hashing files or from the networking level like intrusion detection system (Monitor Integrity)

  • Trusted sources (Installing software though trusted sources)

  • Anti “Trojans” software